¶ EntX Identity and Access Management Documentation
Welcome to the EntX Identity and Access Management (IAM) Documentation. This guide covers EntX's robust, secure, and feature-rich solution for identity and access management, powered by Authentik and hosted as a fully managed service. EntX IAM enables seamless and secure authentication, authorization, and user management, simplifying access control for applications, users, and resources.
EntX IAM, powered by Authentik, offers a modern and scalable identity management solution that integrates with various applications and platforms, providing a single, unified authentication experience. Designed for both enterprise and personal use, EntX IAM allows organizations to enforce best security practices, such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC), while remaining flexible and user-friendly.
Centralize and simplify user access with SSO, allowing users to authenticate once and gain access to multiple applications seamlessly.
- Supported Protocols: SAML, OAuth2, OpenID Connect (OIDC).
- Customizable: Customize SSO policies per application, enforcing rules and permissions at a granular level.
Enhance security by requiring multiple verification factors for authentication.
- Flexible MFA Options: Support for TOTP (e.g., Google Authenticator), SMS, and email-based MFA.
- Adaptive Authentication: Configure MFA requirements based on user roles, locations, or access times.
Assign access permissions based on user roles, ensuring users have access only to what they need.
- Dynamic Role Assignment: Roles are automatically assigned based on user attributes, reducing administrative burden.
- Granular Permissions: Set fine-grained permissions on applications, resources, and data based on roles.
¶ 4. User Provisioning and Lifecycle Management
Manage user accounts with automated provisioning, de-provisioning, and updates.
- Automatic User Sync: Syncs with Microsoft 365, Google Workspace, and LDAP.
- Lifecycle Management: Automates user onboarding and offboarding, ensuring user access aligns with their role and employment status.
Enable users to manage their profiles, passwords, and MFA settings independently.
- Password Management: Self-service password reset and recovery.
- Profile Management: Users can update contact information, preferences, and MFA devices.
¶ 6. Audit Logging and Compliance Reporting
Track access and actions across the system for security and compliance.
- Detailed Audit Trails: Monitor all login events, access attempts, and administrative actions.
- Compliance Reports: Generate reports for GDPR, HIPAA, and other regulatory standards.
EntX IAM integrates seamlessly with a variety of applications and platforms.
- Pre-configured Applications: Popular platforms like Office 365, Google Workspace, Salesforce, and Slack.
- Custom Integrations: Support for custom applications using OAuth2, SAML, and OIDC.
The EntX IAM dashboard provides a centralized interface for managing user accounts, access policies, and applications. To get started:
- Log in: Access the EntX portal and navigate to the IAM section.
- Admin Interface: For administrators, the dashboard allows configuring applications, roles, and user access policies.
- Supported Browsers: Chrome, Firefox, Safari, and Edge (latest versions).
- Account Setup: EntX IAM requires users to authenticate via an existing identity provider (Google, Microsoft, LDAP, or EntX F&F Plex).
- Permissions: Admin privileges are required for configuring applications, roles, and user groups.
- Select Your Protocol: Choose from SAML, OAuth2, or OpenID Connect based on the application requirements.
- Configure Application: In the EntX IAM dashboard, go to Applications > Add Application and enter the details.
- SSO URL and Metadata: Copy the SSO URL and metadata provided by EntX IAM and enter them in your application’s authentication settings.
- Test SSO: Confirm that SSO is functioning by logging in via the configured identity provider.
- Enable MFA: In the IAM dashboard, navigate to Policies > Authentication Policies.
- Choose MFA Methods: Select from TOTP, SMS, or email-based MFA.
- Assign to Users or Groups: Apply MFA requirements to specific user groups, locations, or applications.
- Test MFA: Confirm MFA works as expected by logging in as a test user and completing the MFA challenge.
- Define Roles: Go to Roles > Add Role in the IAM dashboard.
- Set Permissions: Assign permissions to each role for different applications and resources.
- Assign Roles: Link roles to users or user groups, based on their job functions or access needs.
- Review Access: Periodically review role assignments to ensure permissions align with users’ current responsibilities.
¶ User Provisioning and Sync (Business/Enterprise)
- Enable Provisioning: Navigate to Settings > User Provisioning and enable automatic syncing.
- Configure Sync Sources: Select sources such as Microsoft 365, Google Workspace, or others.
- Automate Lifecycle Management: Ensure terminated employees are automatically de-provisioned, and new hires are granted appropriate access.
- Updating Information: Users can log in to the EntX IAM dashboard and update contact details, job titles, and other profile information.
- Password Reset: Self-service password recovery is available to users via email or MFA verification.
- Setting Up MFA: Users can choose their preferred MFA method (e.g., TOTP or SMS) and set it up in their account settings.
- Device Management: Users can manage devices and remove old or compromised devices from their MFA settings.
¶ Security and Compliance
EntX IAM is designed with security, privacy, and compliance at its core, ensuring adherence to data protection regulations and security best practices.
- Data Encryption: All data is encrypted both in transit and at rest.
- Compliance Standards: EntX IAM complies with GDPR, HIPAA, SOC 2, and other regulatory standards, offering configurable features to help organizations meet their own compliance requirements.
- Privacy by Design: EntX IAM implements privacy-first principles, ensuring data is only retained and processed as needed.
EntX IAM provides API access for managing users, roles, and applications programmatically. This is ideal for automated workflows and custom integrations.
To access the EntX IAM API:
- Generate API Key: Go to Settings > API Keys in the EntX IAM dashboard.
- API Documentation: Refer to the API documentation available in the EntX portal for full details on endpoints, request formats, and examples.
- User Management: /api/entx/users
- Role Management: /api/entx/roles
- Application Configuration: /api/entx/applications
POST /api/entx/users
Content-Type: application/json
Authorization: Bearer YOUR_API_KEY

{
  "username": "newuser",
  "email": "newuser@example.com",
  "roles": ["employee", "viewer"]
}
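The periodic access review and automatic de-provisioning described earlier can be cross-checked offline against an HR or directory export. The sketch below is an added example, not EntX code: it assumes an exported user listing has the same `username`, `email` and `roles` fields as the create request above, and the sample data, the `admin` role name and the directory `status` values are constructed for illustration.

```python
import json

# Constructed sample data (not real EntX output). Assumption: an exported user
# listing uses the same fields as the create-user request body shown above.
IAM_USERS = json.loads("""[
  {"username": "alice", "email": "alice@example.com", "roles": ["employee", "viewer"]},
  {"username": "bob",   "email": "bob@example.com",   "roles": ["employee", "admin"]},
  {"username": "carol", "email": "carol@example.com", "roles": ["viewer"]},
  {"username": "dave",  "email": "Dave@Example.com",  "roles": ["viewer"]},
  {"username": "erin",  "email": "erin@example.com",  "roles": ["employee", "admin"]}
]""")

# Constructed HR/directory export: the source of truth for employment status.
DIRECTORY = [
    {"email": "alice@example.com", "status": "active"},
    {"email": "bob@example.com", "status": "terminated"},
    {"email": "dave@example.com", "status": "active"},
    {"email": "erin@example.com", "status": "active"},
]

PRIVILEGED_ROLES = {"admin"}  # hypothetical role name; adjust to your tenant


def review_access(iam_users, directory, privileged=PRIVILEGED_ROLES):
    """Return (username, reason, roles) for accounts that need attention."""
    # Normalise e-mail addresses so case differences do not hide a match.
    status = {e["email"].strip().lower(): e["status"] for e in directory}
    findings = []
    for user in iam_users:
        email = user["email"].strip().lower()
        roles = set(user.get("roles", []))
        state = status.get(email)
        if state is None and roles:
            # Account holds roles but has no directory record: orphaned.
            findings.append((user["username"], "not-in-directory", sorted(roles)))
        elif state == "terminated" and roles:
            # De-provisioning did not remove every role.
            findings.append((user["username"], "terminated-with-roles", sorted(roles)))
        elif state == "active" and roles & privileged:
            # Active users with privileged roles go to manual review.
            findings.append((user["username"], "privileged-review", sorted(roles & privileged)))
    return findings


if __name__ == "__main__":
    for username, reason, roles in review_access(IAM_USERS, DIRECTORY):
        print(f"{username}: {reason} roles={roles}")
```
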
¶ Troubleshooting and Support
For any issues, the EntX Support team is available to assist with EntX IAM setup, configuration, and usage.
- SSO Authentication Failure: Ensure correct SSO URL and metadata are entered in the application’s settings.
- MFA Issues: Check that MFA settings match the expected user configuration.
- API Errors: Verify that the API key is valid and has the correct permissions.
- Knowledge Base: Tutorials and FAQs are available in the Help section of the EntX IAM dashboard.
- Community Forum: Engage with other users and administrators in the EntX community for tips and solutions.
- Customer Support: Reach out via the Support section in the EntX portal for direct assistance.
Q: Can I use multiple identity providers with EntX IAM?
A: Yes, EntX IAM supports Microsoft, Google, and other providers. However, a user can only link one account per provider type (e.g., personal or work).
Q: How often does EntX IAM sync with external directories?
A: Sync frequency is configurable, allowing admins to choose intervals.
Q: What happens to a user’s access if they leave the company?
A: Lifecycle management features automatically de-provision users upon termination, revoking all access.
Q: Is my data secure with EntX IAM?
A: Yes, EntX IAM enforces stringent security protocols, including data encryption, MFA, and compliance with GDPR, HIPAA, and SOC 2.
With EntX IAM, managing authentication and authorization for your applications has never been more secure or convenient. For additional help or information, consult the Help section in the EntX portal.